AWS code-library documentation change
Summary
Updated IAM policy document formatting to use Kotlin multiline string and changed IamClient initialization to use fromEnvironment method
Security assessment
The change improves code formatting and uses environment-aware client initialization, but doesn't address specific security vulnerabilities or add security guidance. The policy still uses a wildcard resource ('*'), which is a security concern but was already present in the original version.
Diff
diff --git a/code-library/latest/ug/iam_example_iam_CreatePolicy_section.md b/code-library/latest/ug/iam_example_iam_CreatePolicy_section.md index 064339644..52d60050c 100644 --- a//code-library/latest/ug/iam_example_iam_CreatePolicy_section.md +++ b//code-library/latest/ug/iam_example_iam_CreatePolicy_section.md @@ -723,17 +723,18 @@ There's more on GitHub. Find the complete example and learn how to set up and ru - val policyDocumentVal = - "{" + - " \"Version\": \"2012-10-17\"," + - " \"Statement\": [" + - " {" + - " \"Effect\": \"Allow\"," + - " \"Action\": [" + - " \"dynamodb:DeleteItem\"," + - " \"dynamodb:GetItem\"," + - " \"dynamodb:PutItem\"," + - " \"dynamodb:Scan\"," + - " \"dynamodb:UpdateItem\"" + - " ]," + - " \"Resource\": \"*\"" + - " }" + - " ]" + - "}" + val policyDocumentVal = """ + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "dynamodb:DeleteItem", + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:Scan", + "dynamodb:UpdateItem" + ], + "Resource": "*" + } + ] + } + """.trimIndent() @@ -747 +748 @@ There's more on GitHub. Find the complete example and learn how to set up and ru - IamClient { region = "AWS_GLOBAL" }.use { iamClient -> + IamClient.fromEnvironment { region = "AWS_GLOBAL" }.use { iamClient ->